
Study And Design On Identity-Based Cryptosystems

Posted on: 2010-09-13
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Y L Ren
GTID: 1118360302966638
Subject: Computer Science and Technology

Abstract/Summary:
In traditional public key cryptosystems, a public key is managed through a digital certificate, and each user has a certificate signed by a certificate authority. A user has to verify the correctness of a certificate before using the public key, and the certificate authority incurs a large computation and storage cost to manage the certificates, including their issuance, storage and revocation. These problems are solved by an identity-based cryptosystem, in which the user's identity is exactly his public key and no certificate is required. As a result, such a system can greatly simplify the management of cryptographic keys in public key cryptography.

In 2001, Boneh and Franklin put forward the first identity-based encryption scheme with a strict security proof. Since then, many identity-based cryptographic schemes have been proposed and much progress has been made in this field. In this thesis, we investigate identity-based cryptographic schemes in the standard model and obtain the following results:

1. As with identity-based encryption (IBE) schemes, the study of identity-based signature (IBS) schemes is of great value for practical applications. We propose a new IBS scheme which is EU-ID-CMA secure in the standard model, and it has short public parameters, high efficiency and a tight reduction. In addition, we construct the first identity-based signcryption (IBSC) scheme which is fully secure in the standard model, and it has short public parameters and a tight reduction.

2. From the point of view of improving the efficiency of cryptographic schemes, the study of hierarchical identity-based cryptosystems is significant. We present a hierarchical identity-based encryption (HIBE) scheme with constant size ciphertext, and it is IND-ID-CCA2 secure in the standard model with a tight reduction. We also propose a hierarchical identity-based signature (HIBS) scheme with constant size signature, and it is EU-ID-CMA secure in the standard model.

3. The concept of fuzzy identity-based encryption (fuzzy IBE) was introduced to provide an error-tolerance property for identity-based systems, and it allows a sender to encrypt a document to all users that have a certain set of attributes. We construct a new fuzzy IBE scheme which is IND-FID-CCA2 secure in the standard model. Moreover, our scheme has short parameters and a tight reduction simultaneously.

4. In a broadcast encryption scheme, a broadcaster encrypts a message for a subset of users who are listening to a broadcast channel. Any user in this subset can use his private key to decrypt the broadcast. We design an identity-based broadcast encryption (IBBE) scheme which is IND-ID-CCA2 secure in the standard model, with constant size public key and ciphertexts. In this scheme, the private key size is linearly proportional to the total number of users. Further, our IBBE scheme is collusion resistant for arbitrarily large collusions of users.

5. In a proxy re-encryption scheme, a semi-trusted proxy converts a ciphertext for Alice into a ciphertext for Bob without seeing the underlying plaintext. We define the framework and security model for the hierarchical identity-based proxy re-encryption (HIBPRE) scheme, and propose an HIBPRE scheme which is IND-PrID-CCA2 secure in the standard model. In this scheme, the ciphertext size is independent of the level of the hierarchy. In addition, our scheme satisfies unidirectionality and non-interactivity, and permits multiple re-encryptions.

6. Parallel key-insulated encryption allows distinct independent helpers to be used alternately in key update operations for each user. We construct a new identity-based parallel key-insulated encryption (IBPKIE) scheme with constant size public key, private key and ciphertext. The scheme achieves IND-ID-KI-CCA2 security in the standard model, and encryption and decryption need only four bilinear pairing computations. Compared to the IBPKIE scheme of J. Weng, this work not only improves the security, but also decreases the size of the public key. Combining HIBE with the PKIE scheme, we also define the framework and security model for the hierarchical identity-based parallel key-insulated encryption (HIBPKIE) scheme, and propose the first HIBPKIE scheme which is IND-ID-KI-CCA2 secure in the standard model. Moreover, the size of the public key and ciphertext is constant, and its computation cost is very low.

Keywords/Search Tags: identity-based cryptography, hierarchical cryptosystem, broadcast encryption, proxy re-encryption, parallel key-insulated encryption, provably secure